CVE-2022-21911 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
microsoft	CNA	7.5 HIGH				CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Affected Products (NVD)

Vendor	Product	Version
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	4.5.2
microsoft	.net_framework	3.5.1
microsoft	.net_framework	3.5
microsoft	.net_framework	4.6
microsoft	.net_framework	2.0:sp2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.8
microsoft	.net_framework	4.8
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2
microsoft	.net_framework	4.8
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	4.5.2
microsoft	.net_framework	3.5
microsoft	.net_framework	4.8
microsoft	.net_framework	4.6
microsoft	.net_framework	4.6.1
microsoft	.net_framework	4.6.2
microsoft	.net_framework	4.7
microsoft	.net_framework	4.7.1
microsoft	.net_framework	4.7.2

𝑥

= Vulnerable software versions

Windows Releases

Platform

Version

Windows 10

(x64, x86)	KB5009585
1607 (x64, x86)	KB5009546
1607 (x64, x86)	KB5008877
1809 (arm64, x64, x64, x86, x86)	KB5009718
1909 (arm64, x64, x86)	KB5008879
20H2 (arm64, x86)	KB5008876
21H1 (arm64, x64, x86)	KB5008876
21H2 (arm64, x86)	KB5008876

Windows 11

21H2 (x64)

KB5008880

Windows 7

Service Pack 1 (x64, x64, x64, x64, x86, x86, x86, x86)	KB5009719
Service Pack 1 (x64, x86)	KB5009711

Windows 8.1

(x64, x64, x64, x64, x86, x86, x86, x86)

KB5009721

Windows RT 8.1

All

KB5009721

Windows Server

20H2 Server Core

KB5008876

Windows Server 2008

Service Pack 2 (x64, x64, x64, x86, x86, x86)

KB5009722

Windows Server 2008 R2

Service Pack 1 (x64, x64, x64, x64)	KB5009719
Service Pack 1 (x64)	KB5009711
Service Pack 1 Server Core (x64, x64, x64)	KB5009719
Service Pack 1 Server Core (x64)	KB5009711

Windows Server 2012

Server Core	KB5009720
Standard	KB5009720

Windows Server 2012 R2

Server Core	KB5009721
Standard	KB5009721

Windows Server 2016

Server Core	KB5008877
Server Core	KB5009546
Standard	KB5008877
Standard	KB5009546

Windows Server 2019

Server Core	KB5009718
Standard	KB5009718

Windows Server 2022

Server Core	KB5008882
Standard	KB5008882

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21911

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21911